[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to main content
Springer Nature Link
Log in

Applications of Trusted Review to Information Security

  • Conference paper
  • First Online:
Information Security and Privacy (ACISP 2001)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2119))

Included in the following conference series:

  • 1013 Accesses

Abstract

The review process is an important part of many everyday activities. We introduce the concept of trusted review for electronic data. The review process is performed using an insertable security device called a Trusted Reviewer. The Trusted Reviewer can be designed to satisfy high assurance evaluation requirements. We show how the Trusted Reviewer can offer increased security in messaging, certification authorities, funds transfer, witnessing, and information downgrade.

This work was performed in part while with DSTO, and in part while with the ISRC at QUT.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
£29.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
GBP 19.95
Price includes VAT (United Kingdom)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
GBP 35.99
Price includes VAT (United Kingdom)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
GBP 44.99
Price includes VAT (United Kingdom)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. C. Adams and S. Lloyd, Understanding Public-key infrastructure: concepts, standards, and deployment considerations, Macmillan Technical Publishing, 1999.

    Google Scholar 

  2. J. Allen, A. Christie, W. Fithen, J. McHugh, J. Pickel and E. Stoner, State of the Practice of Intrusion Detection Technologies, Technical Report

    Google Scholar 

  3. M. Anderson, C. North, J. Griffin, R. Milner, J. Yesberg, and K. Yin, Starlight: Interactive Link, Proc. 12th. Annual Computer Science Security Applications Conference, IEEE Computer Society Press, 55–63, 1996.

    Google Scholar 

  4. M. Anderson, J. Yesberg, D. Marriott, L. Nayda, K. Hayman, M. Stevens, and B. Beahan Communications Security and Trusted Path Method and Means Australian Patent 706073, 1991.

    Google Scholar 

  5. R. Anderson, Liability and Computer Security-Nine Principles, ESORICS 94, http://www.ftp.cl.cam.ac.uk/ftp/users/rja14/liability.pdf).

  6. R. Anderson and F. Petitcolas, Information Hiding: An Annotated Bibliography, 1999. http://www.cl.cam.ac.uk/~fapp2/steganography/bibliography/Annotated_Bibliography.pdf

  7. Australian Media Pty Ltd, Melissa.Net Portal, 2001, http://melissa.net/melissavirus.htm

  8. D. Baker, Fortresses Built Upon Sand, Proc. of the New Security Paradigms Workshop, pp. 148–153, 1996.

    Google Scholar 

  9. Common Criteria, http://www.commoncriteria.org/

  10. Commonwealth of Australia, Privacy Act, 1988, Australian Government Printing Service. http://www.austlii.edu.au/au/legis/cth/consol_act/pa1988108/index.html

  11. Dallas Semiconductor, iButton 2001. http://www.ibutton.com

  12. Defence Signals Directorate, Evaluated Products List, April 2000. Available at http://www.dsd.gov.au/infosec/aisep/EPL.html

  13. Department of Justice and Attorney-General, Queensland, Administrative Duties of Commissioners for Declarations and Justices of the Peace, 2000.

    Google Scholar 

  14. C. Ellison and B. Schneier Ten Risks of PKI: What You’re Not Being Told About Public Key Infrastructure, Computer Security Journal, 16(1), 1–7, 2000. http://www.counterpane.com/pki-risks.html

    Article  Google Scholar 

  15. T. Fiorino, P. Casey, M. Easley, and R. Jordan. Lessons learned during the life cycle of an MLS guard deployed at multiple sites Proc. IEEE 11th Annual Computer Security Applications Conference, 1995. pp. 99–107.

    Google Scholar 

  16. L. Gagnon, An overview of the USAFE Guard System, Proc. 13th National Computer Security Conference, 1990. pp. 218–227

    Google Scholar 

  17. P. Greve, J. Hoffman, and R.E. Smith, Using type enforcement to assure a configurable guard, Proc. IEEE 13th Annual Computer Security Applications Conference, 1997. pp. 146–154.

    Google Scholar 

  18. M. Henderson, M. Burmester, E. Dawson and E. Okamoto, The Dark Side of Digital Signatures, Business Briefing — Global Information Security, to appear.

    Google Scholar 

  19. McAfee.com Associates, Virus Profile: VBS/Loveletter.a 2001, http://vil.mcafee.com/dispVirus.asp?virus_k=98617&

  20. M. Manninger and R. Schischka, Adapting an electronic purse for Internet payments, ACISP’98, Springer-Verlag LNCS 1438, pp 205–214, 1998.

    Google Scholar 

  21. J. McLean and C. Meadows, The Future of Information Security, Themes and Highlights of the New Security Paradigms Workshop. http://chacs.nrl.navy.mil/publications/CHACS/1999/index1999.html

  22. A. McCullagh, W. Caelli, and P. Little, Electronic Signatures: Understand the Past to Develop the Future, University of New South Wales Law Journal, 1998. http://www.law.unsw.edu.au/unswlj/ecommerce/mccullagh.html

  23. C. Meadows and J. McLean, Security and Dependability: Then and Now, Computer Security, Dependability, and Assurance: From Needs to Solutions, IEEE Society Press, 166–170, 1999. http://chacs.nrl.navy.mil/publications/CHACS/1999/index1999.html

  24. A. Moore, Network Pump (NP) Security Target, Naval Research Laboratory, Memorandum Report 5540-00-8459, May 2000.

    Google Scholar 

  25. National Computer Security Center, Department of Defense Trusted Computer Security Evaluation Criteria, Report DOD5200.28-STD 1985.

    Google Scholar 

  26. National Security Agency, Security-Enhanced Linux http://www.nsa.gov/selinux/

  27. T. Redhead and D. Povey, The Problems With Secure On-line Banking. In Proceedings of the XVIIth annual South East Asia Regional Conference (SEARCC’98). July, 1998, http://security.dstc.edu.au/papers/searcc98-bank/

  28. J. Saltzer and M. Schroeder The protection of information in computer systems Proc. IEEE 63(9) 1278–1308, 1975.

    Article  Google Scholar 

  29. B. Schneier Why Digital Signatures are Not Signatures, Cryptogram, November 15 2000. http://www.counterpane.com/crypto-gram-0011.html#1

  30. E. Smith, Trusted Computing: Trusted by Whom? http://www.brouhaha.com/~eric/editorials/trusted_computing.html

  31. Spyrus, Rosetta Personal Access Reader, 2001. http://www.spyrus.com/content/products/rosetta/PAR2.asp

  32. Trusted Computing Platform Alliance, (for information http://www.trustedpc.org/home/home.htm)

  33. R. Vick, An overview of the AMC WWMCCS CAT Guard, Proc. IEEE Eighth Annual Computer Security Applications Conference, 1992. pp. 46–54.

    Google Scholar 

  34. Vision Abell Pty Ltd (now Tenix Defence Systems), Data Diode v1.2 Security Target, 1998.

    Google Scholar 

  35. Vision Abell Pty Ltd (now Tenix Defence Systems), Interactive Link v3.0 Security Target, 1999. http://www.systems.tenix.com/PRODUCTS/c3i/INTERLINK.HTML

  36. Vision Abell Pty Ltd (now Tenix Defence Systems), Interactive Link Multiple Computer Switch v2.0 Security Target, 1999.

    Google Scholar 

  37. P. Winkler, Electronic Trusted Party, US Patent 5117358, 1992. http://www.delphion.com/details?pn=US05117358

Download references

Author information

Authors and Affiliations

  1. Information Technology Division, Defence Science and Technology Organisation, PO Box 1500, Salisbury, SA, 5108, Australia

    John Yesberg

  2. School of Computer Science and Electrical Engineering, University of Queensland, Qld, 4072, Australia

    Marie Henderson

Authors
  1. John Yesberg
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Marie Henderson
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computing, Macquarie University, North Ryde, NSW, 2109, Australia

    Vijay Varadharajan  & Yi Mu  & 

Rights and permissions

Reprints and permissions

Copyright information

© 2001 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Yesberg, J., Henderson, M. (2001). Applications of Trusted Review to Information Security. In: Varadharajan, V., Mu, Y. (eds) Information Security and Privacy. ACISP 2001. Lecture Notes in Computer Science, vol 2119. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-47719-5_25

Download citation

  • DOI: https://doi.org/10.1007/3-540-47719-5_25

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-42300-3

  • Online ISBN: 978-3-540-47719-8

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation